Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'svchostn.exe' = '"<SYSTEM32>\svchosta.exe" start4dalife'
- <SYSTEM32>\svchosta.exe start4dalife
- <SYSTEM32>\svchosta.exe
- 'ir#.#nonops.li':6697
- DNS ASK ir#.#nonops.li
- ClassName: 'Indicator' WindowName: ''